[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2009-1476

Date: (C)2009-05-26   (M)2017-08-18
 
CVSS Score: 7.2Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.

Reference:
SECTRACK-1022272
http://securityreason.com/achievement_securityalert/62
BID-35076
http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c
http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1&r2=1.2&f=h
ipfilter-loadhttp-bo(50716)

CWE    1
CWE-119

© 2013 SecPod Technologies